Lucene search

[email protected]CVE-2001-0542

HistoryDec 20, 2001 - 5:00 a.m.

CVE-2001-0542

2001-12-2005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft

sql server 7.0

sql server 2000

buffer overflow

arbitrary code execution

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.173 Low

EPSS

Percentile

96.1%

JSON

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.

CPENameOperatorVersion
microsoft:sql_servermicrosoft sql servereq7.0
microsoft:sql_servermicrosoft sql servereq2000

CPE	Name	Operator	Version
microsoft:sql_server	microsoft sql server	eq	7.0
microsoft:sql_server	microsoft sql server	eq	2000

References

marc.info/?l=bugtraq&m=100891252317406&w=2

www.atstake.com/research/advisories/2001/a122001-1.txt

www.kb.cert.org/vuls/id/700575

www.securityfocus.com/bid/3733

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060

exchange.xforce.ibmcloud.com/vulnerabilities/7724

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A83

Social References

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.173 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2001-0542

cert1 securityvulns1 cve1 openvas1